@ Qualys. 


Qualys Global AssetView 


CyberSecurity Asset Management 
Quick Start Guide 


January 10, 2022 


Table of Contents 


Tableof Contents e secon ep ans a ae ease A EYITE SEENA TEACO E SENEE SPSE Rta 2 
ikakugolo ki anto) n E RAEE EE E A TN 3 
Gapa bilities vis. vcscsisenascicdsveccsssvsessetevosesasscosetaudencovebsencddebinaassessevenshifvonsnesssoescastvacshena nierit enai 4 
Unimited continuous d o OVE A N Ae Niet ited Es te 5 
Normalization: &cateporn za NOn oa E E aT a e twa E E E A E g E 5 
Detarled-asset imform atron s aa eoo ea EEE ENA perdi Sevan EEO pon EE E aar EEE Sees 6 
ILONI AE OUUTE iA CHa. AE AE A I N E E E E E A E S 6 
Create asset tags and define asset criticality sce casa vlescesendncanticeesas eoasanocswescaane aon adentiotte 7 
PUGH Nomi Criticality OF ASSE S a E A A R tt 8 
Synehronžewith your CMDB eerren na oui hue A E (ues sity ae ES 9 
Track Software, OS and hardware product lifecycle information .........ceeceeceeeeeseteees 11 
Manage authorized and unauthorized SoftWare .sic:larswaciuasce een eae acanionneniees 11 
Define alerts for asset-related health issues ............s.ssississisissisesrisrertistirtererresrerrrsrrrrererre 13 
Generate REpOTtS eiria n A E eter ma anna ea eae ee E A a a ENS 14 
STATA AY ZT a te a oat A ATE E ta Ce a 15 
Pmicready. How do Tcet Started? oa casscicosuvedyensesatusasuesdess as i rea nE E EE EE E aas 16 
Download and install the Qualys Cloud Asents cc nciiasiinwewene soo eee, 16 
ROW Rese CUI re SITS Ni Maat ook ETATE E E E a to. Rha, 16 
Which operating systems are supported? |. ucmucke Gu Swan dene ede ete 16 
Expand your INVENTOLY i ccisseesdinnsavcrsiavessesuiedsnaducadeveasvrdcnvin vases iradad irinae idii 17 
SEINN =) GS ee een en ene E NRE T Ee TA T E E EO E 17 
Network Passiva SENSO wa et ae a a Gah e a a a aces ee a 18 
Cloud Vie Waun aae a a a a n o a a a n a 19 
Seoige giago aeo] ori F n E E E E E N E T EEA 20 
(Mon gh cob liat aegis) oe] ve li A O AE E E E, 21 
shodan AsSestamiuyeneneo ok cua aa a Got ea in SEE ee RE A aes 22 


Qualys Global AssetView | Qualys CyberSecurity Asset Management 2 


Introduction 


CyberSecurity Asset Management (CSAM)/Global AssetView (GAV) continuously gather 
information on all assets, listing system and hardware details, running services, open ports, 
installed software and user accounts. Asset discovery and inventory collection is done through a 
combination of Qualys sensors, which together can collect comprehensive data from across on- 
premise or cloud infrastructure as well as remote endpoints 


Qualys CyberSecurity Asset Management (formerly known as Global IT Asset Inventory) 
capabilities are available in two (2) versions: 


- Global AssetView (GAV) 
- CyberSecurity Asset Management (CSAM) 


GAV provides foundational inventory gathering capabilities for all assets in your hybrid IT 
environment, from on-premises servers and PCs, to Cloud instances, containers, Enterprise IoT 
and OT environments. 


CSAM delivers additional capabilities on top of GAV to provide users with cybersecurity related 
content, such as product lifecycle information, ability to define authorized and unauthorized 
software and integration with ServiceNow CMDB among others. This helps you to accurately 
assess complex IT infrastructure and quickly identify and remediate risk. 


Our free GAV service lets you: 
- Obtain asset inventory across hybrid environments 
- View normalized and categorized hardware and software inventory information 
- Add custom tagging to automatically organize your assets and rank their criticality 
- Create and view customizable dashboards and widgets 


- Search any asset in seconds 


Upgrade to CSAM and you'll also get: 
- Enriched asset data - hardware & software lifecycles, licenses categories, and more 
- Bi-directional synchronization of asset data with your CMDB 
- Ability to define and manage authorized and unauthorized software in your organization 


- Customizable reporting to meet internal and external needs (e.g. standards compliance 
reporting) 


- Alerting via email, Slack or PagerDuty to inform you about assets requiring attention 


Ww 
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Capabilities 


The functionality available in GAV/CSAM can be divided into three (3) sets of capabilities: 


Capabilities 


Discover and 
Inventory 


Description 


P= Discover and Inventory 


Use multiple Qualys sensors, including cloud agent to gain 
comprehensive asset inventory. Enrich it with business context 
from CMDB sync. 


Functionality to discover assets in your environment and collect 
inventory information about those assets. 


Detect and Monitor 


Detect and Monitor 


Detect software and hardware end of life, monitor unauthorized 
and missing required software. 


Functionality to detect potential asset health issues and monitor the 
health of your environment based on defined criteria. 


Report and Respond 


Report and Respond 


Define alerts, uninstall unauthorized software and produce 
compliance reports 


Configuration of actions and reports related to your environment. 
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Unlimited, continuous discovery 


» Last 30 Days + & 


MANAGED DISTRIBUTION UNMANAGED DISTRIBUTION 


culres 
vietialicad 


Networking lesen 


ASSET DISTRIBUTION BY CEOLOCATION CATEGORY BREAKDOWN 


Wietuabzad M chem M Netmarchg amie i atant tierry Deire 


Get ongoing updates on all assets, listing system and hardware details, active services, open 
ports, installed software and user accounts. Asset discovery and inventory collection is done 
through a combination of Qualys Network Scanners, Passive Sensors, Cloud Agents, and 3rd- 
party Connectors, which together can collect comprehensive data from across on-premises or 
cloud infrastructure and remote endpoints. 


Normalization & categorization 


SOFTWARE TYPE DISTRIBUTION TOP PUBLISHERS 


oem Aocha Aste 


TOP SERVER APPLICATION CATEGORIES TOP CLIENT APPLICATION CATEGORIES 


TH Commercial License ll Open Source License License I Commercial! License i Open Source ucense Ucense 


Databases ication Network Digital Content Productivity Application Databases 
t 


Busness Appl 
Appicaton — eneRgnnce And Onvlopment Application Developmen 


With GAV and CSAM, you can make your asset data consistent and uniform, which is essential 
for having inventory clarity and accuracy. The product standardizes manufacturer and product 
names, models and software versions by automatically normalizing raw discovery data using 
Qualys’ ever-evolving technology catalog as reference. This process transforms the global IT 
asset inventory into multi-dimensional and structured information, so that you can make better 
business decisions. Inventory is also categorized by functional category and product families 
making it easy for you to review software and hardware based their function. For example, you 
can quickly identify all databases, or all routers in your environment, by filtering inventory data 
based on those categories. 
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Detailed asset information 


< Asset Details: win10-Last_locatio_test 


INVENTORY. 
a Asset Summary 
‘Asset Summary 


system Information 


Network Information En win10-Last_locatio_test < 


E Bm —_(Serosoft Windows 10 Pro (1809 Build 17763 64-81) | Crticalty Score: 
R Hardware:VMware VMware Virtual Platform 


Installed Software 


Business Information 


Identification Last Location 


SECURITY 
DNS Hostname FQDN NetBIOS Name 
Vulnerabilities win10-Last_locatio_test - WIN10-auth-test1-updated 
EDR \Pv4 Addresses \Pv6 Addresses Asset ID 
tenia 23.211.200.120 - 11104397 


Host ID 
COMPLIANCE = 

Location unknown. 
File Integrity Monitoring -Last Seen: a day ago 07:41 AM 


M SOURCES Activity 


Agent Summary 

Last User Login Last System Boot Created On 
Summary Administrator Sep 6, 2020 05:15 AM Nov 18, 2021 03:02 PM 
Alert Notification Last Updated Last Activity 

a day ago 07:41 AM - 


Tags ac: ts 


[eynamictag3382.N.. : | [dynamicTag 3382.0... : 
[ynamicTag 3382.2... ¢ | | dynamicTag 3382H.. : 
[ynamicTag.3382.7... : || assetJastJocati... 


Automatically view detailed asset information, such as an assets’ identity, running services, 
installed software, open ports, users, and more. GAV/CSAM gives you deep visibility into your 
assets granting you a detailed, multidimensional view of each one that encompasses both its IT 
and security data. You can flag issues such as configuration problems, security risks, IT policy 
violations and regulatory non-compliance with an asset profile that includes a wealth of data. 


Powerful Search 


Q software:(category1:`Databases* and lifecycle. stage:E0L) 


os 
— 
” Moment OR Saree Ounamene ta -< 
masa = rr ea on cae oo tee 
Aterenet HR tarem tetese fim mee ores eet 
pane Hor ae w pev wom 
Memeh SA berse Guramene Ia — — on e 


Quickly find any asset, or information on an asset, in seconds for immediate answers. Our 


powerful search engine lets you craft simple or advanced queries combining multiple asset 
criteria retuming results instantly. 
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Create asset tags and define asset criticality 


As the inventory is building, you can start defining tags to easily find assets belonging to 
individual organization, performing roles or other groupings relevant to your organization. As 
you are creating tags, you can define criticality of your assets (e.g. Order Management System 
devices or executive team laptops should be defined as high criticality - 4 or 5) 


< Create New 


Basic Details 


Start with providing the following information to create your tag 


Name * 


Purchase Order System 


Mark as Favourite 


Description 


All devices used to deliver purchasing system 


Asset Criticality Score 


This score represents the criticality of the asset to your business infrastructure. 


Ci} Here, score 1 Sag the lowest criticality and 5 being the highest criticality assigned to an 
asset, when selected. 


L] c D 3 è [5] 


Tag Properties 
Configure properties for your tag 


Set Tag Color v 


es Select Parent Tag 


For this new tag, you can select an existing tag to set as a parent 
tag or you can create a new parent tag. If this is a root tag, then © 
ignore this selection 


Create Tag 


Tag Type 


® Static () Dynamic 


For more information, refer Configure Tags. 
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Highlight Criticality of Assets 


Apply tags manually or configure rules for automatic classification of your assets in logical, 
hierarchical, business-contextual groups. Assign Business Criticality through tags to stablish 
priorities, and automatically calculates Asset Criticality Score (ACS) based on highest aggregated 
criticality. 


< Asset Details: win10-Last_locatio_test 


ee Asset Summary 


Asset Summary 


system Information 


Network Information MM wint0-Last_locatio_test 2 
Coan Poste | i OS:Microsoft Windows 10 Pro (1809 Build 17763 64-Bit) | Criticality Score: | 5 
P Hardware:VMware VMware Virtual Platform 
Installed Software | x 
| Asset Criticality Score i 
Saka onmin | The highest score assigned to the asset via multiple tags is the asset criticality score of the asset. 
Identification -ocation 
SECURITY Below are various scores assigned to the asset through multiple tags- | 
DNS Hostname FOU Calculated as of Nov 18,2021 | 
Vulnerabilities win10-Last_locatio_test -1 
a ASSETTAGS ASSET CRITICALITY SCORE OC ed 
IPv4 Addresses Pd 4 A = ie 
Sains 23.211.200.120 -| ec A sale 4 l 
Host ID aj 
~ COMPLIANCE - | user_scope tagi_w.. F ; 
¢ Location unknown. 
File Integrity Monitoring | Last Seen: a day ago 07:41 AM 
| p= T 
~ SOURCES Activity — } 


‘Agent Summat 
= id Last User Login Last System Boot 


Crested On 
Summary Administrator Sep 6, 2020 05:15 AM Nov 18, 2021 03:02 PM 
Alert Notification Last Updated Last Activity 

a day ago 07:41 AM - 


[sinamictag 3382.N. : | [dynamicTag 3382U... : || cr : [[dynamicTag-3382.5-. : | | Name-containstag : 
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Synchronize with your CMDB 


You can ensure other users in your organization benefit from Qualys inventory by synchronizing 
inventory data with your CMDB. This will ensure that all users have access to the same, up-to- 
date information. CSAM inventory syncs with ServiceNow’s CMDB, continuously feeding it fresh 
data, so the CMDB can accurately map assets’ relationships, connections, hierarchies, and 
dependencies. 


You can also enrich Qualys inventory with business information by importing business context 
to Qualys, including owners, environment, business applications and other key CMDB data to 
improve response to asset health issues. All using our ServiceNow-certified CMDB Sync App. 


Get the Qualys CMDB Sync Service Graph Connector App User Guide. 


Welcome Patto Quroge N 


é> 


É EOL Operating Systems 
K Top Applicaton Categories 
% Top Application Publishers 
A Database Detrtution 

% Top EOL Appicatons 
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E Neth00s name = IP Address 


OKTPO0450 


10,145.87 80 


1248.106.83 


1264.174.186 


119188210 
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Track Software, OS and hardware product lifecycle information 


Secure your environment by eliminating unsupported software and hardware. Review detailed 
hardware and software product lifecycle information to identify assets requiring replacement or 
upgrade. Gain additional context by identifying licensable and open source software. 


® — Last30Days v 


END-OF-LIFE SOFTWARE 


COMMERCIAL AND OPEN SOURCE EOL SOFTWARE ORACLE JAVA BY LIFECYCLE STAGE WINDOWS OS END OF LIFE NON-CLIENT OPERATING SYSTEM BY END OF LIFE 


\rnslzaton 


_ O ig : 3 = a 


Manage authorized and unauthorized software 


Define and monitor authorized and unauthorized software installations in your environment. 
Define authorization rules for different parts of your environment (e.g. Firefox browser is 
authorized on personal computing devices, but unauthorized in the datacenter) to quickly 
identify potential security risks based on defined rules. 


CyberSecurity Asset Management HOME DASHBOARD INVENTORY TAGS NETWORK RULES RESPONSES REPORTS 20 


PRODUCT PUBLISHER CATEGORY VERSIONS/UPDATES AUTHORIZATION RULE NAME RULE STATUS 


Brave Brave Software Network Application / Intem. Below - Update / 1.2762 Authorized testRule_JE630Z Enabled 
Microsoft Defender Advanced... Microsoft Security / Endpoint Protection Specific- Update  39,5850.17763771 ) Needs Review testRule_JE630Z Enabled 
GOM Player GOM & Company Digital Content / Digital Vide Specific- Update / 23.47.5309 Needs Review testRule_JE630Z Enabled 


Zoom Zoom Video Communications Collaboration / Web Confere. Between-Update  5,0.4(256020524) Unauthorized testRule_JE630Z Enabled 


5.7.1 (543) 
Chrome Google Network Application / Intern. Specific-Update / 790304588 Unauthorized testRule_JE630Z Enabled 
Plex Media Player Plex Digital Content / Computer Above -Update / 246.01031 Authorized testRule_JE630Z Enabled 
Chrome Google Network Application / Intern. Specific -Update | 79.0.3945.88 Needs Review CheckAny_Specific Enabled 
Zoom Zoom Video Communications Collaboration / Web Confere. Specific- Version | 574 Unauthorized CheckAny_Specific Enabled 
Zoom Zoom Video Communications Collaboration / Web Confere. Above -Update | 5.6.7 (1016) Authorized Mapper_check Enabled 


GOM Player GOM & Company Digital Content / Digital Vide ANY - Update Needs Review Mapper_check Enabled 


GOM Player GOM & Company Digital Content / Digital Vide Specific -Version (24 Needs Review Mapper_check Enabled 


Chrome Google Network Application / Intern. Above - Version 810 Unauthorized Mapper_check Enabled 


As you continue to review your inventory, you can start defining Software Authorization Rules 
(Rules tab). You can create new authorization rules in two (2) ways: 
- By selecting a quick action on the software inventory tab on the title you want to create 
the rule for. 
- By going to Rules tab and creating new rule for software authorization. 
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As you are creating the rules, you can define the scope of the authorization (e.g. Firefox browser 
is authorized on personal computing devices, but unauthorized on server devices). You can 
create as many rules as you need. Once rules are created, they are evaluated in priority order as 
you may have conflicting rules based on device selection (e.g. you could unauthorize Firefox on 
all devices, then authorize Firefox for use by the engineering team on their devices). In this 
example, you will need to place global unauthorization rule below authorization rule for the 
engineering team. 


Add Software to Authorization Rule 


Track the software product as authorized/unauthorized 


Chrome 
Network Application / Internet Browser 


@ This Update (79.0.3945.88) Entire Product 


Authorization * 


Select the value 


ORDER NUMBER RULE STATUS TAGS 


auto_authUnauth_8. = 


CheckAny_Specific | sk3 


Mapper_check | sks 


For more information, refer Track Authorized/Unauthorized Software. 
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Define alerts for asset-related health issues 


Configure email, Slack or PagerDuty alerts to notify users about asset health issues requiring 
their attention including product lifecycle, software authorization or other items such as open 
ports or insufficient server storage. 


Sample Queries 


Some Sample Queries to help you to get started 


-~ Unauthorized Software 
Found unauthorized software 


software:(authorization: Unauthorized” and firstFound:[now-1d ... now]) 


-~ Database EOS 
Database is reaching End-of-Service (EOS) on 180th day from today 


aa Databases’ and component: Server’ and lifecycle.eos:[now+179d ... 
now+18 


Operating System EOS 


Servers Operating System is 180th day away of reaching End-of-Service (EOS) from 
today 


wa Sarver and operatingSystem.lifecycle.eos:[now+179d ... 


Internet facing assets ports 


Use Selected 


In order to effectively manage your inventory, you should setup Responses (notifications) to alert 
you about conditions requiring attention (e.g. hardware or software end of life events, 
installations of unauthorized software, etc.). 


Qualys supports three (3) mechanisms for alerting: 
- Email 
- Slack 
- PagerDuty 


For more information, refer Configure Responses. 
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Generate Reports 


Create and share inventory reports with internal stakeholder using provided and custom 
templates. Mandates like FedRAMP and PCI require you to track all assets and software, as well 
as continuously monitor their security gaps. Easily generate reports so you can demonstrate 
compliance. Reporting includes configurable out-of-the-box templates, for example to address 
FedRAMP requirements. 


<— Create New : FedRAMP Template 


STEPS 5/5 
Review and Confirm 


Basic Details r . 
Review and Confirm your selections 


Report Source 


Report Dispiay A Basic Details 


Report Schedule Specify report title and description 


Summary Name Description 


Compliance Report Description of the report 


A Report Source 


Specify assets or assets tags to include in your report 


Search Query 


A Report Display 
Select the columns you want to show in your report 
Selected Columns 


Software Information Host Information 


All All 


A Report Schedule 


Set the run and delivery of this report 


Schedule Type Timezone 
On Demand (GMT 05:30) India Standard Time (IST 


Asia/Kolkata) 


| Cancel | Previous Confirm 


You can also generate reports to provide information about your environment to internal or 
external stakeholders using our reporting function. 


For more information, refer Generate Reports. 
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Traffic Analyzer 


Global IT Asset Inventory HOME DASHBOARD INVENTORY TAGS NETWORK 20m 
Network Traffic Analyzer 
Q Search for assets... Last24Hours v = 
1 8 TRAFFIC FAMILY TRAFFIC VOLUME ü 
A AN E WebServices 161KB W Terminal Emu... 14 KB 
B vimeo 8KB W IBM Systems.. 5KB M A . 
® Networking 308B ™ Other 460B agnam agaes Aug 27 O50 pm agran A2, ag 2I OSAS p 
ASSET TYPE (CLIENT) cien BEA PEN 
INTERNAL 18 
UNMANAGED 18 
MANAGED 1 
DEVICE CATEGORY (CLIENT) a 
192.168.128... Mobile 196 B 0B From: Aug 27, 2020 05:43 pm EXTERNAL Unknown 
Unidentified 5 
UNMANAGED Unknown 1 Pkts. Pkts. To; Aug 27, 2020 05:43 pm 
Computers 4 
Unknown 2 Unknown 6428 0B From: Aug 27, 2020 04:30 pn EXTERNAL Unknown 
Computers / Des. 1 4 Pkts. Pkts To: Aug 27, 2020 04:43 pm 
Virtualized 1 
OPERATING SYSTEM (CLIENT) WIN-CEL TES... Unknown 9KB 11 KB From: Aug 27, 2020 04:24 pm 192.168,5,70 Unknown 
192. 5.23 63 Pkts. 37 Pkts. To: Aug 27, 2020 04:52 pm INTERNAL 
Windows 3 Sahn 
Mobile 3 MANAGED 
Mac / Client 1 192.168.128.... Unix 1828 0B From: Aug 27, 2020 0424 pm EXTERNAL Unknown 
Unknown 1 UNMANAGED Unidentified 2 Pkts. Pkts To: Aug 27, 2020 04:24 pm 
Unix 1 
1 more WIN-CEL_TES... Unknown 22 KB 0B From: Aug 27, 2020 04:23 pm EXTERNAL Unknown 
192.168.5.231 136 Pkts. Pkts. To: Aug 27, 2020 04:52 pm 
= MANAGED. nA 
Traffic Analyzer requires Network Passive Sensor and provides a detailed and consolidated view 
> 2”) ; he 
or the traffic in your network. This helps you to understand the communication between 


different assets in your environment. For example, communication of certain type of an 
unmanaged asset from unsecured network to a critical resource. It also shows date wise traffic 
volume summary for client to server (CTS) and server to client (STC) in tabular and graphical 
view. It provides graphical views of the traffic categorized by family and by volume. It shows all 
traffic flow details for both managed and unmanaged assets. 


For each flow, one can pivot to any of the two assets participating in the traffic flow to check the 
details such as asset summary, network information, system information, list of open ports and 
traffic summary of an asset. 


For more information, refer Traffic Analyzer. 
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I’m ready. How do | get started? 


Download and install the Qualys Cloud Agent 


Start building your inventory by installing cloud agents. With our lightweight agents you'll get 
continuous network security updates through the cloud. As soon as changes are discovered on 
your hosts they'll be assessed and you'll know about new security threats right away. 


You can have cloud agents on private clouds, public clouds, on premise and endpoints to 
continuously discover your IT assets providing 100% real-time visibility. 


nazon C) 


Private Clouds za ae 
Public Clouds 
Internet © 
Enterprise On Remote 
Premise End Users 


Know the requirements 


Here are the requirements for installing and running Cloud Agent on your system: 
- Host must reach Qualys Cloud Platform (or Qualys Private Cloud Platform) over HTTPS 


port 443 
- (Windows) Local administrator privileges on the host. Proxy configuration is supported. 
- (Linux, Mac, AIX) Root privileges, non-root with sudo root delegation, or non-root with 
sufficient privileges. Proxy configuration is supported. 


Which operating systems are supported? 


You can install cloud agents on Windows, Linux, MacOS, PowerPC and AIX. 


On the Qualys Documentation portal, under Sensors > Cloud Agents, refer to the Cloud Agent 
Getting Started Guide and installation guides for different platforms. 
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Expand your Inventory 


Use other Qualys solutions to expand your inventory: 
- Scanners to discover and inventory systems remotely using credential-based scans. 
- Network Passive Sensor to discover unknown devices in the network. 
- CloudView to expand with cloud resource information, 
- Secure Enterprise Mobility to expand with mobile devices, and 
- Container Security to gain insights into containerized applications in your environment. 
- Synchronize with Shodan to get attack surface visibility 


Scanners 


With the Qualys Scanner Appliance, you can assess internal network devices, systems and web 
applications. The Scanner Appliance is a robust, scalable solution for scanning networks of all 
sizes including large distributed networks. Refer to the Scanner Appliance User Guide for 
installation and configuration information. 


($) Scans Scans Maps Schedules Option Profiles Authentication Search Lists Setup 


moe caa [eo~ Ea 


Network Appliance = Personalization Code LANIP WAN IP LAN IPv6 Polling Scanner Signatures Last Update 
Ø CD MCW-Test2 AWS-Demo-AS1-Scanner 20524334632606 17231.0.58 — 180 seconds 124341 25.2343 07/15/2021 at 09:40:11 AM (GMT-0400) &© 
Ø SS Europe-us AWS-Demo-UE1-Scanner 20560606502284 10.0.0.15 - 180 seconds 124344 25.2343 07/15/2021 at 11:18:07 AM (GMT-0400) & 
Global Default AWS-Golden-AMI-Pipeline-uswest1 20526013807213 10.100.128 — 180 seconds n9241 A 2491-4 A 09/18/2020 at 01:48:31 PM (GMT-0400) > 
Network 
# © Global Defauit AZURE-Demo-EastUS2-Scanner 20555547486328 102.07 - 180 seconds 12.4344 25.2343 07/15/2021 at 10:31:10 AM (GMT-0400) =) 
Network 
# <> Global Default AZURE-Demo-WESTUK-Scanner 20576365789651 10.0.1.12 - 180 seconds 12.4344 25.2343 07/15/2021 at 07:33:12 AM (GMT-0400) @) 
Network 
Global Default AZURE_US1 20565877853325 = 180 seconds NA 
Network 
BU-Atianta- BU-Atianta-VS 20596123560117 192.168.128 — - 180 seconds 121671 À 24967-2 Ñ 08/21/2020 at 06:37:06 AM (GMT-0400) =) 
Network: 
192.168.1/24 
BU-DC-ONPREM- BU-DC-ONPREM-AZ-Scanner 20576770685074 10.0.1.132 = 1d00:8e91:dc87:1:20c:29f-fef3:48ed/64 180 seconds n7451 À 24777-2 A 42/25/2019 at 07:05:06 PM (GMT-0500) &© 
az 
Ø SD BUNETICSLABs BU-NET-ICS-LABs-ScannerV1 20577 153682901 10.113.218.215 — 180 seconds 124344 25.2343 07/15/2021 at 09:25:12 AM (GMT-0400) @) 
* Global Default GCP-Demo-AS1-Scanner 205790427 16681 192.168.0.136 — 180 seconds 124341 25234-3 07/15/2021 at 08:43:08 AM (GMT-0400) @) 
Network 
# <> Global Default ‘GCP-Demo-UW2-Scanner 20575790218613 10.0.0138 — 180 seconds 124341 25.2343 07/15/2021 at 07:41:08 AM (GMT-0400) >) 
Network 
Global Default PDX_Intemaled 20504358273627 10.0.0.89 - 2601:1¢0:6901:2640:a00:27ff-fede:e9ed/64 180 seconds 123511 À 25.159-3 & 04716/2021 at 03:11:57 PM (GMT-0400) &© 
Network 
# © Global Default QVSA Training Qualys.com 20529105754525 10.116.133.44 ~ 180 seconds 124341 25234-3 07/15/2021 at 11:05:08 AM (GMT-0400) &© 
Network 
# © Global Default RDLAB_USA_Scanner-PC-1 20551083495039 10.10.22.121 ~ 180 seconds 124344 25.2343 07/15/2021 at 10:01:08 AM (GMT-0400) E 
Network 
BU-NET-RDLABs RDLAB_USA_Scanner1 20598177528006 10.10.22122 — - 180 seconds 124344 25.223-4 & 07/02/2021 at 11:18:49 AM (GMT-0400) @ 
BU-NET-RDLABs  RDLAB_USA_Scanner3 20528084708369 10.11.49.204 — - 180 seconds 124341 25223-3 Å 07/15/2021 at 09:50:28 AM (GMT-0400) @ 
Ø CD BU-NET-RDLABs RDLABs_INDIA_Scannert 20541565182878 10.115.51.191 — - 180 seconds 124341 25.2343 07/15/2021 at 07:54:13 AM (GMT-0400) @) 
@ CO BU-NET-RDLABs RDLABs_INDIA_Scanner2 20549489273351 10.115.49.134 — = 180 seconds 12.4341 25234-3 07/15/2021 at 09:53:12 AM (GMT-0400) & 
Global Default m 20590081064397 - 180 seconds NA D 
Network 
Global Default testi0 20584996040607 - 180 seconds NA 


Network 
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Network Passive Sensor 


Identify known and unknown devices the moment they connect to your network, eliminating 
blind spots across your IT environment. Refer to Network Passive Sensor Getting Started Guide 
for additional information. 


> operatingiysten. typinglerf idence ‘HG 


wan 
ware 
cota to ena? 


AMOR GSIN 19508 _ 
ed ea 28 2AA tee ede 
aee ee 


IER 108 268 129, 100 108. 
OD DTH NO Nee oF 
de D9 teDere 


110010 
VEL Ak 259 TET tomo 29 PR 
POETEN 


ZAL EL EEC] 


- Identify and profile assets the moment they connect to your network 
- Understand network traffic across your environments to help detect unusual activity 


Traffic Summary 


Q Search for traffic details... 


Ea Client | Server 


TRAFFIC VOLUME Q Click and drag in the plot area to zoom in INGRESS $ EGRESS 


Traffic Details 


From: Aug 25, 2020 (19:02) 
To: Aug 27, 2020 (17:44) Oe 74 
Total Ingress ‘otal Egress 


Traffic by Family cs E 


Multicast DNS (mDNS) 11.83KB 11.83KB 


SSDP 62.19KB 62.19KB 
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CloudView 


Qualys CloudView provides continuous inventory of your public cloud workloads and 
infrastructure. For more information, refer CloudView User Guide. 

- Get comprehensive visibility of your public cloud resources 

- Works across Amazon Web Services, Google Cloud and Microsoft Azure 

- Easily upgrade to get continuous compliance assessments 
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Secure Enterprise Mobility 
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Qualys SEM provides complete visibility, security and continuous monitoring for your mobile 
devices and data. 

- Complete visibility for corporate-owned devices and BYOD 

- Works with Android and iOS 

- Easily upgrade to get vulnerability management and mobile data security 


samsung 
Asset Summary 


Last Seen: Jun 14, 2019 3:20:56 PA IST (6 mintes ago) 
Stars Envolied 


ti Admin Android samsung + 


Last Location 


Active 


Corporate - Owned 


394417095783206 


00:90:66.1). 98: 8E 
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Container Security 


Qualys Container Security provides discovery, tracking, and continuously protecting 
container environments. Upon installation of the sensor, it automatically scans the 
host for the images and containers that are present on the host. The inventory and 
the metadata of the inventory is pushed to your Qualys Cloud Platform account. We'll 
help you get started quickly! 


The Assets section lists the Images and Containers discovered along with their metadata 
information like ports, networks, services, users, installed software, etc. The assets 

are listed along with their associations like associated containers and hosts for 

an image, other containers from the same parent image. Users can search for images 
and containers based on their attributes. 


<€ Asset Details: cento 


v INVENTORY i 
Container Summary 
Asset Summary 
System Information 
Docker version: 18.09.0-beta5 
Network Information Assoc. containers: 1 
docker $ i 
Open Ports Assoc. images: 28 


Installed Software 


Business Information 


Y SECURITY 


Vulnerabilities 
Certificates 


Container Security 
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Shodan Assests 


Integration with third-party sources like Shodan.io gives an outside-in view to find assets 
exposed to the internet, flagging known ‘managed’ assets, identifying unknown assets, and 
enabling security risk assessment. 


With this capability, you can: 

- Pull customer-specific public data from Shodan 

- Display it in the Asset Inventory and Asset Details 

- Create Unmanaged Assets to track newly identified endpoints 
- Enable contextual queries 


Here, you can import assets from Shodan to your inventory. We have added an option on the 
Home page to activate Shodan and manage Shodan configurations to import assets based on the 
filters in the configuration. 
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